…In a letter sent
to Russia and obtained
by CBS News, Holder wrote that Snowden, who faces charges of espionage by the
U.S. government, would not be put up for the death penalty or be tortured if he
were extradited to the U.S.

… Verizon is addressing
this need by launching a new initiative to collect, organize and publish all publicly disclosed
data breaches.The data is
coded into VERIS format and available in an interactive dashboard via Tableau
Public as well as in individual files in JSON format in a GitHub
repository. Both can be reached from
the VERIS
Community site as well.

The VERIS Community Database goes live this
week with more than 1,200 reported incidents from the last few
years. This initial batch of data comes
from the Department of Health and Human Services (HHS) incidents, the sites of
the various Attorneys General that provide breach notification source documents,
media reports and press releases. The
goal is to continue to augment this dataset to capture as many incidents as
possible so that others can benefit.

This data is provided as a
resource to benefit the industry at large, as the ability to access and query
data breach information improves everyone’s ability to protect their
organizations and data.

The provocatively named Anti-Big
Brother Act arose out of a situation in Pennsylvania in which a
school district was accused of spying on students through their school-issued
laptops, including taking literally thousands of pictures.

New Jersey legislators seeking
to prevent such incidents here passed the new law this past spring. It requires
districts to notify students and their families that computers issued to them
may be equipped to record their locations and use. It also says that such information will not be
used “in a manner that would violate the privacy rights of the student or any
individual residing with the student.”

But that’s where things can get
murky, so the state Department of Education this week released additional
guidelines about what the law covers and what other policies should also be in
place to cover extenuating circumstances.

In the video above, three prominent thinkers discuss the
past and future of privacy in the United States. Privacy, they point out, has always been
contingent on the culture and the technology of the people who aim to preserve
it -- and to violate it. "Government
intrusion was not a factor, I would say, until the turn of the 20th
century," the law professor Robert Ellis Smith notes.

Ireland’s Data Protection
Commissioner (DPC) has dismissed a complaint that the Irish subsidiaries of Facebook
and Apple breached EU law by sharing data with US intelligence service via the
Prism programme.

The DPC ruled there was “nothing
to investigate” in a complaint filed by Austrian privacy campaigner Max
Schrems, as Apple and Facebook had, in their view, acted within the terms of
the EU-US data-sharing agreement, dubbed the “Safe Harbour” .

The lead
story in today’sNew York Times suggests that Chief Justice
John Roberts has been stacking the Foreign Intelligence Surveillance Court
(FISC) with government-friendly
conservatives. [Didn’t that used to be an oxymoron?Bob]Charlie Savage reports that “86 percent of his
choices have been Republican appointees, and 50 percent have been former
executive branch officials.” The
corresponding figures for Roberts’ two predecessors, William Rehnquist and
Warren Burger, are 66 percent and 39 percent, respectively. “While the positions taken by individual
judges on the court are classified,” Savage writes,
“academic studies have shown that judges appointed by Republicans since
Reagan have been more likely than their colleagues to rule in favor of the
government in non-FISA cases over people claiming civil liberties violations.” He notes that critics troubled by the chief
justice’s FISCal power have proposed changing the way the judges are appointed.

Although it is plausible that
the shift Savage identifies has produced a court somewhat more deferential to
the Justice Department’s requests, the effect may not be apparent in the
day-to-day work of the court, where the
government’s nearly
perfect record probably is due to the weak standards created by
Congress.

“Casetext is a freely available, annotated database
of legal resources.Researchers find relevant documents and immediately see analysis by
other attorneys and paths for further research.Contributors mark up documents in a simple,
digital format and make their expertise widely known, all while helping to
build a comprehensive public research tool.Who are we?Co-founders
Jake Heller and Joanna Huey met in 2009, when Jake was president of the
Stanford Law Review and Joanna was president of the Harvard Law Review. After clerking together for the Honorable
Michael Boudin, we both worked as associates at law firms before we joined
forces to build Casetext.

Research - What is in your database?

Our database currently includes the following cases:

all
U.S. Supreme Court cases,

federal
circuit court cases from Volume 1 of F.2d,

federal
district court cases published in F.Supp. and F.Supp.2d from 1980, and

Most companies will offer some form of educational discount.
Just ask and they will likely come up with at least some sort of offer to try
and entice a sale. Less common however
is when products are offered for no cost at all.

Free
Server Space:

Amazon currently offers grants for educational use
of its extensive server network (one of the worlds largest). Teachers may apply
to receive credits good towards server space rentals. As of this writing, the
offer is for up to $100 credit for each student.

Free
Project Management Software:

Teachers of more advanced classes (particularly those with a
business or career focus) may be interested in LiquidPlanner’s
offer for free educational use of their project management software
for up to 15 ‘seats’. Beyond being used
by teachers to manage class workloads, students can also get this offer
themselves to use in their own collaborative efforts (such as a senior
project).

Free
Mapping Software:

Direct from Google, the king of online mapping (and the rest
of the Internet too…), comes this offer
for free access to Google Earth Pro, as well as the Google Maps
Engine. Ideal for social studies, Google
Earth can be a great interactive tool for lessons and projects, while fiddling
around with the Google Maps Engine can
provide good insights into the world of software development.

Free
Engineering Software:

This offer is a great value for aspiring architecture and
engineering students and is ideal for schools that are looking to improve their
access to STEM education. AutoDesk has
made their leading
engineering software available for free to secondary and post-secondary
classrooms.A standard in the
engineering industry, early access to this software can be a great head start
for students.

Miscellaneous
Discounts:

While not pretty, or always relevant, the Freaky Freddy
website is a good repository of random discounts for
teachers and is updated quite regularly.

The state Division
of Consumer Affairs today announced a settlement with an online
advertising company that agreed to pay $1 million for having
circumvented consumers’ privacy settings by allowing millions of
targeted ads to reach unsuspecting New Jersey web users.

State officials
said the ads imbedded “cookies” into computer hard drives,
essentially creating tracking devices that collected data of page
views and search patterns. The unauthorized activity, which involved
215 million targeted ads and untold number of people, lasted from
June 2009 to February 2012, when a Wall Street Journal article
detailed similar placement of cookies by other companies.

In the case of
today’s settlement with New York City-based PulsePoint, the company
only targeted consumers using Apple’s Safari web browser, officials
said.

Service Nova
Scotia is breaching the privacy rights of licensed drivers by not
letting them know they can opt out of a program in which their
personal information is shared with a registered charitable
organization, says the province’s freedom of information and
protection of privacy review officer.

Dulcie McCallum
says government needs to give people the choice to opt out of a
program in which it shares registered drivers’ names and addresses
with the War Amps key tag program

Four Russians and
a Ukrainian were charged for their role in the largest hacking and
data breach scheme in U.S. history, according to Paul Fishman, the
U.S. attorney in New Jersey.

The five conspired
in a “worldwide scheme that targeted major corporate networks,
stole more than 160 million credit card numbers and resulted in
hundreds of millions of dollars in losses,” Fishman said today in a
statement. The men worked with Albert Gonzalez, a hacker
serving 20 years in prison, according to the indictment unsealed in
federal court in New Jersey.

Center
for Strategic and International Studies July 2013: “The wide
range of existing estimates of the annual loss—from a few billion
dollars to hundreds of billions—reflects several difficulties.
Companies conceal their losses and some are not aware of what has
been taken. Intellectual property is hard to value. Some estimates
relied on surveys, which provide very imprecise results unless
carefully constructed. One common problem with cybersecurity surveys
is that those who answer the questions “self-select,” introducing
a possible source of distortion into the results. Given the data
collection problems, loss estimates are based on assumptions about
scale and effect—change the assumption and you get very different
results. These problems leave many estimates open to question.”

News
release: “A majority of the U.S. listed Fortune 500 firms are
following the U.S. Securities and Exchange Guidelines by providing
some level of disclosure regarding cyber exposures, with more than
half indicating their firms would face “serious harm” or be
“adversely impacted” due to a cyber-attack, according to a recent
report by Willis North America, a unit of Willis Group Holdings, a
leading global risk advisor, insurance and reinsurance broker. The
Willis Fortune 500 Cyber Disclosure Report … are the results of
an effort launched last year to track organizations’ response to
SEC Guidance issued in October 2011, asking U.S. listed companies to
provide extensive disclosure on their cyber exposures. The report
found that 88% of the Fortune 500 are following SEC Guidelines as of
April 2013 and providing “some level” of disclosure regarding
cyber exposures. However, some companies within particular
industries that would seem to have exposures, were silent, Willis
said. Among those silent were: an insurance company, a
pharmaceutical company, a restaurant chain and a health care firm –
“all of which would seem to have some level of cyber risk when
compared to the disclosures of their peers,” the report said.”

French internet
host OVH informed its customers on 22 July that the
private data of a few hundreds of thousands of European
private and business customers had been compromised by a hacker.
Founder and CEO Octave Klaba wrote to subscribers that the internal
network of its headquarters in Roubaix was breached when a hacker
gained access to one of the system administrators’ e-mail accounts.
Using this e-mail access, the perpetrator was able to break into to
another employee’s internal VPN and then to the account of a system
administrator who handles back-office functions. [Not
sure how that chain of hacks would work... Bob]

The Register provides additional
details, here.
I love the line in OVH’s advisory:

“In short, we
were not paranoid enough so now we’re switching to a higher level
of paranoia. The aim is to guarantee and protect your
data in the case of industrial espionage that would target people
working at OVH.”

Sometimes, yes, they are out to get
you(r) data.

Even the government is starting to
gather (and use?) Best Practices...

“One of the Federal Government’s
most important missions is to provide citizens, customers, and
partners with easy access to government information and services. As
society increasingly relies on social media as a primary source for
information, it is clear that these platforms have an important role
to play in the Federal Government’s communication strategy,
including its move toward a digital, open government. Social media
allows an agency to post messages in places where people regularly
interact, and ensures it reaches interested audiences–including
audiences known to the agency a s well as those that are unknown. In
addition, social media enhances the Federal Government’s
situational awareness by enabling agencies to learn about problems
and issues being discussed by different audiences, and allowing
agencies to react, respond, and assist the public more efficiently
and effectively. Government agencies also may use social media to
fulfill their operational missions, for example, detecting and
preventing benefit fraud and abuse.”

“The U.S. Census Bureau has released
My Congressional District,
the first interactive tool geared exclusively toward finding basic
demographic and economic statistics for every congressional district
in the U.S. This Web app uses the latest annual statistics from the
American Community Survey, providing the most detailed portrait of
America’s towns and neighborhoods. Users can sort through
statistics in five key categories upon selection of a specific
district in the application. Summary level statistics covering
education, finance, jobs and housing, as well as basic demographic
information, can quickly be displayed, downloaded and shared with
others. A major feature of the My Congressional District app is the
ability to embed a selected 113th congressional district on a user’s
own webpage. The embedded district will display the latest
statistics from the American Community Survey, allowing visitors to
quickly view statistics for any of the 435 congressional districts
and the District of Columbia.”

Curious about FirefoxOS,
which is for sale now? That makes sense: this open source,
royalty-free operating system is bound to pop up on phones all
over the planet eventually, but odds are a phone running it is not
yet available in your country right now. Don’t worry: you can
still give it a spin on your computer – all you need is a single
Firefox extension. With it you can run a virtual version of
FirefoxOS, and find out whether Mozilla’s smartphone operating
system is right for you, this is your chance to find out.

… The Chromecast connects
wirelessly to the user’s smartphone, tablet, or laptop, and can
play video and music from these devices right on their television.
With support for both iOS and Android, such devices double as a media
source and a remote control for playback.

“Sitegeist
is a mobile application that helps you to learn more about your
surroundings in seconds. Drawing on publicly available information,
the app presents solid data in a simple at-a-glance format to help
you tap into the pulse of your location. From demographics about
people and housing to the latest popular spots or weather, Sitegeist
presents localized information visually so you can get back to
enjoying the neighborhood. The application draws on free APIs such
as the U.S. Census, Yelp! and others to showcase what’s possible
with access to data. Sitegeist was created by the Sunlight
Foundation in consultation with design firm IDEO
and with support from the John
S. and James L. Knight Foundation. It is the third in a series
of National Data Apps.”

… Highly
VA-funded schools generally had more positive outcomes than other
VA-funded schools. Compared to other schools, highly VA-funded
schools generally had higher retention rates (percentage of students
returning to the same school from 1 year to the next) and graduation
rates.

Thursday, July 25, 2013

The U.S.
government has attempted to obtain the master encryption keys that
Internet companies use to shield millions of users’ private Web
communications from eavesdropping.

These demands for
master encryption keys, which have not been disclosed previously,
represent a technological escalation in the clandestine methods that
the FBI and the National Security Agency employ when conducting
electronic surveillance against Internet users.

Today Rep. Rush
Holt introduced legislation to repeal federal surveillance laws that
the government abused by collecting personal information on millions
of Americans in violation of the Constitution, as revealed by a
federal whistleblower and multiple media outlets last month.

… My
legislation would put a stop to that right now.” [Probably
not really Bob]

Holt’s bill, the
“Surveillance State Repeal Act”, would repeal the PATRIOT Act and
the FISA Amendments Act, each of which contains provisions that
allowed the dragnet surveillance.

“The National Institute of Standards
and Technology (NIST) has released a revision to the digital standard
used to ensure the integrity of electronic documents, as well as the
identity of the signer. The new document, Federal
Information Processing Standard (FIPS) 186-4, concerns what is
commonly known as the digital signature standard. First published in
1994 and revised several times since then, the standard provides
a means of guaranteeing authenticity in the digital world.
It uses complex math operations to encrypt and unscramble
“signatures” that are all but impossible to forge. Updates to
the standard are still necessary as technology changes. According to
NIST computer scientist Elaine Barker, FIPS 186-4 contains no major
revisions, but rather focuses on keeping the standard consistent with
other NIST cryptographic guidelines. Other than clarifying a number
of terms and correcting typographical errors, most of the changes aim
to align the standard with other publications, such as NIST Special
Publication 131A, so that all NIST documents offer consistent
guidance regarding the use of random number generators. Another
change concerns the use of prime number generators, which requires
random initial values for searching for prime numbers. FIPS 186-3
specifically allowed saving these “seeds” only for use as
evidence that the generated values were determined in an arbitrary
manner; FIPS 186-4 permits saving them for additional purposes, such
as the regeneration of the values.”

“Reporters Without Borders has
published an Online
Survival Kit on its WefightCensorship.org website that
has tools and practical advice that will allow you to protect your
communications and data. You don’t need to be an IT engineer to
learn how to protect the content of your emails and
remain anonymous online. The tools and techniques
presented in this kit do not require advanced knowledge of computers
and programming.”

For my Computer Security students who
claim they can't find anything relevant.

There is no shortage of data on this
topic: government agencies, academic institutions, think tanks,
security consultants, and trade associations have issued hundreds of
reports, studies, analyses, and statistics.”

New
Report: The State Department's Anti-Hacking Office Is a Complete
Disaster

The State Department has plenty of
important secrets—classified cables, foreign policy directives,
embassy plans, and more. It also has a department (with a nine-word
name) responsible for protecting those secrets from hackers: the
Bureau of Information Resource Management's Office of Information
Assurance. Yet according to an unusually
scathing new report from the State Department's inspector
general, this "lead office" for cybersecurity is so
dysfunctional and technologically out-of-date that Foggy Bottom may
be open to cyberattack.

Are most lawyers ready to defend a
Computer Security instructor who was merely trying to demonstrate
Privacy “Best Practices?”

There’s a funny catch-22 when it
comes to privacy best practices. The very techniques that experts
recommend
to protect your privacy from government and commercial tracking could
be at odds with the antiquated, vague Computer Fraud and Abuse Act
(CFAA).

A number of researchers (including me)
recently joined an amicus
brief (filed
by Stanford’s Center for Internet and Society in the “Weev”
case), arguing how security and privacy researchers are put at risk
by this law.

… The crux of a CFAA violation
hinges on whether or not an action allows a user to gain “access
without authorization” or “exceed authorized access” to a
computer. The scary part, therefore, is when these actions involve
everyday behaviors like clearing cookies, changing browser reporting,
using VPNs, and even protecting one’s mobile phone from being
identified.

… Clearing cookies limits the
profiles advertisers can compile, essentially rendering us as a new
user to web services. In fact, the FTC recommends
that users clear cookies to protect their private information,
and the Treasury Department advises the same — though in that case
it’s to make sure their website is loading correctly for users.

However, many websites rely on cookies
to enforce paywalls. These companies do this so their freemium
business models can work transparently, without initially requiring
the user to be aware (i.e., log in) until they hit the limit.

The New York Times, for
example, imposes a 10 articles-a-month limit for non-subscribers,
allowing users to browse 10 articles for free but then requiring
payment for subsequent use. But the method the New York Times
and other publications use to identify users is unreliable and
easy to circumvent, even inadvertently. Clearing
one’s cookies periodically — or even using a browser’s private
browsing mode — bypasses the flimsy paywalls and allows users
to continue reading stories. [Whose “Oops?” The Times or me?
Bob]

The internet is changing. Last week,
the Internet Corporation for Assigned Names and Numbers, a non-profit
entity that runs the web’s naming system, approved four new
top-level domain names (TLDs) (the bit after the final dot, such as
.com): онлайн and сайт (Russia for “online” and
“site”), شبكة (Arabic for “web”)
and 游戏 (Chinese for “game”).

So far, uncontroversial. But among the
1,410 TLDs for which nearly 2,000 companies applied are generic names
such as .tickets, .app and .wtf as well as more specific ones, like
.catholic and .amazon. Things are about to get messy.

Critics say that hundreds of new TLDs
will confuse internet users, force companies to pre-emptively sign up
across dozens of registers to prevent copyright theft, and confer a
monopoly to whomever gains the rights to highly-sought after names.
Mindful of the controversial nature of some applications, ICANN
included a lengthy objection period.

At the most recent meeting of the GAC
in Durban last week, India again
made clear (pdf) its discomfort with the idea of a .ram domain
name. To many outside India, this is baffling. Why does India care
about a line of pick-up trucks named for a male sheep?

The objection arises from an
unfortunate homonym: Ram, pronounced with a long “a,” is also the
name of one of Hinduism’s chief gods.

The Internet is a plethora of niches.
Thai monks are (roughly) 12/1000ths of the 3 billion plus Internet
users.

You read that headline right: If you
and I were on the same WiFi network, I could probably log in to some
of your sensitive accounts — and I’m not even a hacker. This is
thanks to an app for rooted Android devices called dSploit.

Try an online-only replacement for
Google Reader. Feedspot isn’t well known now, but that may soon
change. Google Reader’s decline means any RSS reader has a chance
to step up and convince its readers to try out their service.
Feedspot makes a compelling argument. Its interface is clean and
likely familiar. Feeds can migrate from Google Reader, or any other
RSS reader by use of an OPML file.

The Syrian Electronic Army [SEA] hacked
the Tango app (video/text messages service) website and database.
The databases content a of millions of the app users phone numbers
and contacts and their emails More than 1,5 TB of the daily-backups
of the servers network has been downloaded successfully.

I like it! This will work well in my
Computer Security classes, and others...

“This report looks at the continuing
rise in “attempts by foreign collectors to obtain illegal or
unauthorized access to sensitive or classified information and
technology resident in the U.S. cleared industrial base.” The
report looks at collector affiliations, methods of operation and the
top targeted technologies and includes review by regional trends.”
[via Greta E. Marlatt]

… “That’s our
best guess,” [Honest. I like that Bob] said James
Andrew Lewis, the director of the technology and public policy
program at the Center for Strategic and International Studies.

The center completed the
study with the help from cybersecurity giant McAfee and came up
with the new figures by relying on models, such as those used to
estimate the economic effects of car crashes and ocean piracy,
instead of surveys of companies.

I thought they only kept this data for
18 months (or have they held onto it since the case started in 1993?)

Missed this one last week… thanks
to @PrivacyCamp for making me aware of it.

Dana Liebelson reports:

Thanks to
disclosures made by Edward Snowden, Americans have learned that their
email records are not necessarily safe from the National Security
Agency—but a new ruling shows that they’re not safe from big oil
companies, either.

Last month, a
federal court granted Chevron access to nine
years of email metadata—which includes names, time stamps, and
detailed location data and login info, but not content—belonging to
activists, lawyers, and journalists who criticized the company for
drilling in Ecuador and leaving behind a trail of toxic sludge and
leaky pipelines.

… Chevron alleges that it is the
victim of a mass extortion conspiracy,
which is why the company is asking Google, Yahoo, and Microsoft,
which owns Hotmail, to cough up the email data. When Lewis Kaplan, a
federal judge in New York, granted the Microsoft subpoena last month,
he ruled
it didn't violate the First Amendment because Americans weren't among
the people targeted.

But a few days
ago, Idaho became the third state in the union to sign up for the
Department of Homeland Security’s RIDE (Records
and Information from DMVs for E-Verify) program, which is
administered by the ID-friendly
American Association of Motor Vehicle Administrators. Idaho joins
Mississippi and Florida
in volunteering state driver information to the DHS.

First the RFID cards were to help with
attendance (a task too difficult for teachers?) but now they had
“safety and security benefits” which TV cameras (in place before
the cards) will cover adequately? Do these people ever listen to
their own words?

The Northside Independent School
District (NISD) of Texas, best known for being
sued by a student over its mandatory RFID card policy, is
dropping the technology that originally landed it in the courtroom.

… The most disappointing aspect is
that the district has decided to swap one form of surveillance for
another.

Meanwhile,
Gonzalez told me Northside plans to capture the
safety and security benefits of RFID chips through other
technological means. "We're very confident we can still
maintain a safe and secure school because of the 200 cameras that are
installed at John Jay High School and the 100 that are installed at
Jones Middle School.

“This Article reviews selected
aspects of secrecy policy in the Obama Administration to better
comprehend the dynamics of official secrecy, particularly in the
national security realm. An understanding emerges: secrecy policy
is founded on a set of principles so broadly conceived that they do
not provide unequivocal guidance to government officials who are
responsible for deciding whether or not to classify particular
topics. In the absence of such guidance, individual
classification decisions are apt to be shaped by extraneous
factors, including bureaucratic self-interest and public controversy.
The lack of clear guidance has unwholesome implications for the
scope and operation of the classification system, leading it to stray
from its legitimate national security foundations. But an insight
into the various drivers of classification policy also suggests new
remedial approaches to curtail inappropriate secrecy.”

Nicole
L. Black’s commentary on LinkedIn provides perspective on how
it is billed as the “professional” social network, which is why
lawyers dipping their toes into social media for the first time often
start with LinkedIn. She states that the problem is that as far as
social networks go, LinkedIn hasn’t always been very, well …
social. However, lately her take on LinkedIn has changed a bit –
she still does not think it is the most vibrant or useful social
network, but that its value proposition for lawyers has changed over
the past year or so.

… “Stable” is not the way
anyone would describe a legal career today. In the past decade,
twelve major firms with more than 1,000 partners between them have
collapsed entirely. The surviving lawyers live in fear of suffering
a similar fate, driving them to ever-more humiliating lengths to edge
out rivals for business. “They were cold-calling,” says
the lawyer whose firm once turned down no-name clients.

… That’s a far larger slice of
than previously thought, and it means that with so many consumer
devices connecting to Google each day, it’s bigger than
Facebook, Netflix, and Instagram combined. It also explains why
Google is building data centers as fast as it possibly can. Three
years ago, the company’s services accounted for about 6
percent of the internet’s traffic.

“What’s really interesting is, over
just the past year, how pervasive Google has become, not just in
Google data centers, but throughout the North American internet,”
says Craig Labovitz, founder of Deepfield,
the internet monitoring company that crunched the data. His probes
show that more than 62 percent of the smartphones, laptops, video
streamers, and other devices that tap into the internet from
throughout North America connect to Google at least once a day.

For my Excel students (I make them
create a budget to plan for retirement) Simple. But a starting
point.

“The income level necessary for
families to secure an adequate but modest living standard is an
important economic yardstick. While poverty thresholds, generally
set at the national level, help to evaluate what it takes for
families to live free of serious economic deprivation, the Economic
Policy Institute’s (EPI) Family
Budget Calculator—recently updated for 2013—offers a broader
measure of economic welfare and provides an additional metric for
academics and policy experts looking for comprehensive measures of
economic security. The basic family budgets presented in this
report, as well as those presented via the Family
Budget Calculator itself, measure the income families need in
order to attain a secure yet modest living standard where they live
by estimating community-specific costs of housing, food, child care,
transportation, health care, other necessities, and taxes.”

Links

About Me

I live in Centennial Colorado. (I'm not actually 100 years old., but I hope to be some day.) I'm an independant computer consultant, specializing in solving problems that traditional IT personnel tend to have difficulty with... That includes everything from inventorying hardware & software, to converting systems & data, to training end-users. I particularly enjoy taking on projects that IT has attempted several times before with no success. I also teach at two local Universities: everything from Introduction to Microcomputers through Business Continuity and Security Management. My background includes IT Audit, Computer Security, and a variety of unique IT projects.